What Is Intrusion Prevention?
All ASA/PIX Security Appliances include intrusion protection features, specifically IP Audit, which contains 51 signatures of well-known Internet attacks, and IPS. IPS and IP Audit are capable of looking into packets that come into the ASA/PIX Security Appliance, matching the contents of the packets to an attack signature, and then either reporting or stopping the attack. In addition to signature-based IP Audit protection, the ASA/PIX Security Appliance supports HTTP application inspection, user-definable protocol configurations, instant messaging and peer-to-peer protection, and customized application inspection.
Table 9-1 describes the features supported by the ASA/SSM solution.
Get Securing Your Business with Cisco ASA and PIX Firewalls now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
